ads.infozone.pl Open in urlscan Pro
91.228.197.171 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97
Submission: On August 11 via manual (August 11th 2022, 8:58:13 am UTC) from ES — Scanned from ES

Summary HTTP 6 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 6 HTTP transactions. The main IP is 91.228.197.171, located in Poland and belongs to BIZNESHOST-AS, PL. The main domain is ads.infozone.pl.
TLS certificate: Issued by R3 on June 3rd 2022. Valid for: 3 months.

This is the only time ads.infozone.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	91.228.197.171 91.228.197.171	198414 (BIZNESHOS...) (BIZNESHOST-AS)
4	188.165.135.70 188.165.135.70	16276 (OVH) (OVH)
1	52.210.2.133 52.210.2.133	16509 (AMAZON-02) (AMAZON-02)
6	3

1 91.228.197.171 (Poland)

ASN198414 (BIZNESHOST-AS, PL)
PTR: mx.infozone.pl

ads.infozone.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.165.135.70 (Spain)

ASN16276 (OVH, FR)
PTR: ip70.ip-188-165-135.eu

img.taku-wakan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.2.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-2-133.eu-west-1.compute.amazonaws.com

voyage.labselina.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	taku-wakan.com img.taku-wakan.com	456 KB
1	labselina.com voyage.labselina.com	660 B
1	infozone.pl ads.infozone.pl	3 KB
6	3

	Domain	Requested by
4	img.taku-wakan.com	ads.infozone.pl
1	voyage.labselina.com	ads.infozone.pl
1	ads.infozone.pl
6	3

This site contains links to these domains. Also see Links.

Domain
voyage.labselina.com

Subject Issuer	Validity	Valid
ads.infozone.pl R3	`2022-06-03` - `2022-09-01`	3 months	crt.sh
img.taku-wakan.com R3	`2022-08-01` - `2022-10-30`	3 months	crt.sh
*.go2cloud.org Amazon	`2022-03-23` - `2023-04-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97
Frame ID: 92F33A4C8ECBA0265A6C1C003B7E0345
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tu vida se merece un seguro como el de AdeslasAdeslas

Page Statistics

6
Requests

83 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

459 kB
Transfer

462 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://voyage.labselina.com/aff_c?offer_id=1258&aff_id=1685&source=4732&aff_sub5=54651&file_id=13114&url_id=13151

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97 Show response ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/	7 KB 3 KB	14935ms 14691ms	Document text/html	91.228.197.171 BIZNESHOST-AS
General Check archive.org Show headers Download Go to Full URL https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 91.228.197.171 , Poland, ASN198414 (BIZNESHOST-AS, PL), Reverse DNS mx.infozone.pl Software uvicorn / Resource Hash `e96e4c7163ed43f9ea1b6eb57aaee4b8922459eeeb0d4c3c523d91a048590036` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 accept-language es-ES,es;q=0.9 Response headers Connection Keep-Alive Content-Encoding gzip Date Thu, 11 Aug 2022 08:58:08 GMT Keep-Alive timeout=5, max=100 Server uvicorn Transfer-Encoding chunked Vary Accept-Encoding content-type text/html; charset=utf-8
GET H2	200	2022_36478.png img.taku-wakan.com/kits/	22 KB 22 KB	236ms 101ms	Image image/png	188.165.135.70 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://img.taku-wakan.com/kits/2022_36478.png Requested by Host: ads.infozone.pl URL: https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 188.165.135.70 , Spain, ASN16276 (OVH, FR), Reverse DNS ip70.ip-188-165-135.eu Software nginx / PleskLin Resource Hash `a5ec99176bd74805a612e7dc8d2ec6e15e5b65751789695698e958a8d68be6ca` Request headers accept-language es-ES,es;q=0.9 Referer https://ads.infozone.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 11 Aug 2022 08:55:06 GMT last-modified Thu, 30 Jun 2022 15:05:47 GMT server nginx x-powered-by PleskLin etag "62bdbbcb-5766" content-type image/png accept-ranges bytes content-length 22374
GET H2	200	2022_36479.png img.taku-wakan.com/kits/	348 KB 348 KB	282ms 147ms	Image image/png	188.165.135.70 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://img.taku-wakan.com/kits/2022_36479.png Requested by Host: ads.infozone.pl URL: https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 188.165.135.70 , Spain, ASN16276 (OVH, FR), Reverse DNS ip70.ip-188-165-135.eu Software nginx / PleskLin Resource Hash `ca57b591cd053d564756d637db3faeee193efd3b3b22501d9f45e458b6dcebf5` Request headers accept-language es-ES,es;q=0.9 Referer https://ads.infozone.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 11 Aug 2022 08:55:06 GMT last-modified Thu, 30 Jun 2022 15:05:47 GMT server nginx x-powered-by PleskLin etag "62bdbbcb-56e94" content-type image/png accept-ranges bytes content-length 355988
GET H2	200	2022_36480.png img.taku-wakan.com/kits/	13 KB 13 KB	270ms 157ms	Image image/png	188.165.135.70 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://img.taku-wakan.com/kits/2022_36480.png Requested by Host: ads.infozone.pl URL: https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 188.165.135.70 , Spain, ASN16276 (OVH, FR), Reverse DNS ip70.ip-188-165-135.eu Software nginx / PleskLin Resource Hash `551e4f051d1a8ccbfc0dd5c3afdc635dd0dbbaae8354047083e16faab78ad4f7` Request headers accept-language es-ES,es;q=0.9 Referer https://ads.infozone.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 11 Aug 2022 08:55:06 GMT last-modified Thu, 30 Jun 2022 15:05:47 GMT server nginx x-powered-by PleskLin etag "62bdbbcb-327f" content-type image/png accept-ranges bytes content-length 12927
GET H2	200	2022_36481.png img.taku-wakan.com/kits/	73 KB 73 KB	270ms 157ms	Image image/png	188.165.135.70 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://img.taku-wakan.com/kits/2022_36481.png Requested by Host: ads.infozone.pl URL: https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 188.165.135.70 , Spain, ASN16276 (OVH, FR), Reverse DNS ip70.ip-188-165-135.eu Software nginx / PleskLin Resource Hash `1a6d06fb0119114d9452ad7cd6a66ecfa974538dfab29cb858874e861dab634d` Request headers accept-language es-ES,es;q=0.9 Referer https://ads.infozone.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers date Thu, 11 Aug 2022 08:55:06 GMT last-modified Thu, 30 Jun 2022 15:05:47 GMT server nginx x-powered-by PleskLin etag "62bdbbcb-122ad" content-type image/png accept-ranges bytes content-length 74413
GET H/1.1	200 OK	aff_i voyage.labselina.com/	43 B 660 B	326ms 64ms	Image image/gif	52.210.2.133 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://voyage.labselina.com/aff_i?offer_id=1258&aff_id=1685&source=4732&aff_sub5=54651&file_id=13114&url_id=13151 Requested by Host: ads.infozone.pl URL: https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.210.2.133 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-210-2-133.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash `ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c` Request headers accept-language es-ES,es;q=0.9 Referer https://ads.infozone.pl/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36 Response headers Pragma no-cache Date Thu, 11 Aug 2022 08:58:09 GMT Content-Encoding gzip Server nginx Tracking_id 1029bf0e7b4a317b038e0927f3078a Transfer-Encoding chunked P3p CP="NOI CUR OUR NOR INT" Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Type image/gif Access-Control-Allow-Headers Tune-SDK-Version X-Request-Id 55fedbaa6cef3e1ca30b97905e48519e Expires Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			voyage.labselina.com/	1970-01-20 05:11:34	Name: aff_ran_url_1258 Value: 13151

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97 Message: Mixed Content: The page at 'https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97' was loaded over HTTPS, but requested an insecure element 'http://img.taku-wakan.com/kits/2022_36478.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97 Message: Mixed Content: The page at 'https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97' was loaded over HTTPS, but requested an insecure element 'http://img.taku-wakan.com/kits/2022_36479.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97 Message: Mixed Content: The page at 'https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97' was loaded over HTTPS, but requested an insecure element 'http://img.taku-wakan.com/kits/2022_36480.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97 Message: Mixed Content: The page at 'https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97' was loaded over HTTPS, but requested an insecure element 'http://img.taku-wakan.com/kits/2022_36481.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97 Message: Mixed Content: The page at 'https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97' was loaded over HTTPS, but requested an insecure element 'http://voyage.labselina.com/aff_i?offer_id=1258&aff_id=1685&source=4732&aff_sub5=54651&file_id=13114&url_id=13151'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97(Line 201) Message: Mixed Content: The page at 'https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97' was loaded over HTTPS, but requested an insecure element 'http://img.taku-wakan.com/kits/2022_36478.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97(Line 201) Message: Mixed Content: The page at 'https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97' was loaded over HTTPS, but requested an insecure element 'http://img.taku-wakan.com/kits/2022_36479.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97(Line 201) Message: Mixed Content: The page at 'https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97' was loaded over HTTPS, but requested an insecure element 'http://img.taku-wakan.com/kits/2022_36480.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97(Line 201) Message: Mixed Content: The page at 'https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97' was loaded over HTTPS, but requested an insecure element 'http://img.taku-wakan.com/kits/2022_36481.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97(Line 201) Message: Mixed Content: The page at 'https://ads.infozone.pl/w/ci4uYoncG9r6ds8fMunK7q/icBYFEPSNZd5XKm6HNcmRC-4af6rdTJp9Z6eM6ZVpYW97' was loaded over HTTPS, but requested an insecure element 'http://voyage.labselina.com/aff_i?offer_id=1258&aff_id=1685&source=4732&aff_sub5=54651&file_id=13114&url_id=13151'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.infozone.pl
img.taku-wakan.com
voyage.labselina.com
188.165.135.70
52.210.2.133
91.228.197.171
1a6d06fb0119114d9452ad7cd6a66ecfa974538dfab29cb858874e861dab634d
551e4f051d1a8ccbfc0dd5c3afdc635dd0dbbaae8354047083e16faab78ad4f7
a5ec99176bd74805a612e7dc8d2ec6e15e5b65751789695698e958a8d68be6ca
ac05f643d51698438fc2504bc237b5a39ce1248b037dbf446aaca4ce65c3182c
ca57b591cd053d564756d637db3faeee193efd3b3b22501d9f45e458b6dcebf5
e96e4c7163ed43f9ea1b6eb57aaee4b8922459eeeb0d4c3c523d91a048590036

ads.infozone.pl Open in urlscan Pro 91.228.197.171 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

6 Requests

83 %HTTPS

0 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

459 kBTransfer

462 kBSize

1 Cookies

1 Outgoing links

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

1 Cookies

10 Console Messages

Indicators

ads.infozone.pl Open in urlscan Pro
91.228.197.171 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

83 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

459 kB
Transfer

462 kB
Size

1
Cookies

6 HTTP transactions
0 data transactions